Error while trying to fetch the "Forensic snapshot" for reported incident
723
Created On 12/18/22 12:26 PM - Last Modified 02/07/25 22:40 PM
Symptom
The console logs show an error that no such defender exists.
DEBU <Date&Time> route_handler.go:11844 Operation failed: uri=/api/v1/profiles/host/i-XXXXXXX/forensic?eventTime=<time>&hostname=i-XXXXXX&incidentID=<ID>&limit=500&project=Central+Console; error=no such defender: i-XXXXXXX
Environment
- Prisma Cloud Compute
- Compute Runtime
- Prisma Cloud Enterprise Edition (SaaS)
Cause
The defender no longer exists and was likely removed.
Resolution
If the defender where the incident occurred is removed, then this error is expected since the forensic information is pulled from the defender.